HOTSPOT - (Topic 6)
HOTSPOT
You have a Microsoft 365 E5 subscription linked to an Azure Active Directory (Azure AD) tenant. The tenant contains a group named Group1 and the users shown in the following table:

The tenant has a conditional access policy that has the following configurations: Name: Policy1
Assignments:
- Users and groups: Group1
- Cloud aps or actions: All cloud apps
✑ Access controls:
✑ Grant, require multi-factor authentication
✑ Enable policy: Report-only
You set Enabled Security defaults to Yes for the tenant.
For each of the following settings select Yes, if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Solution:
Report-only mode is a new Conditional Access policy state that allows administrators to evaluate the impact of Conditional Access policies before enabling them in their environment. With the release of report-only mode:
✑ Conditional Access policies can be enabled in report-only mode.
✑ During sign-in, policies in report-only mode are evaluated but not enforced.
✑ Results are logged in the Conditional Access and Report-only tabs of the Sign-in log details.
✑ Customers with an Azure Monitor subscription can monitor the impact of their Conditional Access policies using the Conditional Access insights workbook.

Does this meet the goal?

Correct Answer:A

FILL IN THE BLANK - (Topic 6)
You have a Microsoft 365 tenant.
You need to retain Azure Active Directory (Azure AD) audit logs for two years. Administrators must be able to query the audit log information by using the Azure Active Directory admin center.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Solution:


Does this meet the goal?

Correct Answer:A

HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

In Microsoft Endpoint Manager, you have the Policies for Office apps settings shown in the following table.

The policies use the settings shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select
No.
NOTE: Each correct selection is worth one point.

Solution:


Does this meet the goal?

Correct Answer:A

- (Topic 6)
You have a Microsoft 365 subscription.
You need to identify which administrative users performed eDiscovery searches during the past week.
What should you do from the Security & Compliance admin center?

Correct Answer:D

- (Topic 6)
You have a Microsoft 365 E5 tenant that contains the devices shown in the following table.

You plan to review device startup performance issues by using Endpoint analytics. Which devices can you monitor by using Endpoint analytics?

Correct Answer:A
Reference:
https://docs.microsoft.com/en-us/mem/analytics/overview

- (Topic 6)
You have a Microsoft 365 tenant that contains 1,000 Windows 10 devices. The devices are enrolled in Microsoft Intune.
Company policy requires that the devices have the following configurations:
✑ Require complex passwords.
✑ Require the encryption of removable data storage devices.
✑ Have Microsoft Defender Antivirus real-time protection enabled.
You need to configure the devices to meet the requirements.
What should you use?

Correct Answer:B
Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started